Breach: New Dragonfly Computer Virus Can Cripple Power Plants With the Click of a Mouse

Outgoing Homeland Security Secretary Janet Napolitano issued an open letter to her successor last year and warned that a “massive and serious” cyber attack targeting the U.S. power grid was imminent. Such an event, said Napolitano, would have an immediate impact on everything from powering your home to grocery food deliveries.

At the very moment Napolitano made her comments, whether she knew it or not, a group of eastern European hackers believed to be working closely with Russia’s electronic spy agency had compromised upwards of 1,000 key infrastructure components around the world that included wind turbines, gas pipelines, aviation system and power plants.

According to cyber security firm Symantec these state-sponsored hackers breached industrial control systems’ equipment by first hacking the physical computers responsible for managing grid components and then forcing them to download malware that made it possible to take control of the entire system remotely.

take our poll - story continues below

Should Jim Acosta have gotten his press pass back?

Should Jim Acosta have gotten his press pass back?

Should Jim Acosta have gotten his press pass back?*

Yes, he should have gotten it back.

No, you can't act like a child and keep your pass.

Maybe? I'm not sure if he should have.

Email*

Phone

This field is for validation purposes and should be left unchanged.

Completing this poll grants you access to Freedom Outpost updates free of charge. You may opt out at anytime. You also agree to this site's Privacy Policy and Terms of Use.

Once in, the hacking group known to security engineers as ‘Dragonfly’ was not only able to monitor the operational status of every component on the accessed networks, but they had gained the ability to shut them down completely – with a single click of the mouse.

Over 1,000 energy firms were infected with a sophisticated cyber weapon that gave hackers access to power plant control systems, it has been revealed.

…

The software allows operators to monitor energy consumption in real time – and to cripple physical systems such as wind turbines, gas pipelines and power plants at the click of a mouse.

Symantec analysts say that the new ‘Energetic Bear’ virus is similar to Stuxnet, a malware program that was used by Israeli and U.S. intelligence agencies to remotely shut down the centrifuges used to refine nuclear fuel at Iranian nuclear facilities.

But Stuxnet and Energetic Bear or not unique in how they compromise utility infrastructure networks. The Department of Homeland Security was tracking a number of viruses and trojans as early as 2011 that had similar capabilities. Though the extent of the breaches is not clear, DHS says that it is widespread:

Utilities such as water supplies and the power grid face a rising number of cyber break-ins by attackers using sophisticated attacks.

Acting DHS Deputy Undersecretary Greg Schaffer said that industries are increasingly vulnerable to hackers and foreign agents due to ‘connected’ equipment…

Earlier this month, security researchers demonstrated that it was even possible to remotely ‘open’ jail cell doors if they were controlled using ‘programmable logic controllers’ – common automated controls.

‘We are connecting equipment that has never been connected before to global networks,’ Schaffer said. Hackers and perhaps foreign governments ‘are knocking on the doors of these systems – there have been intrusions.’

Certainly an outside entity could have a capability today to send many different malware messages into the grid at the same time in such a way that you could take down most of the grid, and may be all of the grid, he said.

The effects of such an attack, whether executed by a foreign enemy or rogue terrorists, would be devastating to a country like the United States which depends on a modern electrical and communications infrastructure to function.

And experts forecast if such an attack were a success, it effectively could throw the U.S. back into an age of agriculture.

“Within a year of that attack, nine out of 10 Americans would be dead, because we can’t support a population of the present size in urban centers and the like without electricity,” said Frank Gaffney, president of the Center for Security Policy.

Despite warnings from private security firms and repeated intrusions by state sponsored hacking groups from Russia, Iran and China, the United States remains susceptible to a variety of different cyber attacks. Everything from military hardware systems and space agency satellites to public utility services have been attacked in recent years.

The latest attack, believed to be orchestrated by a Russian-backed hacking group, shows that not only can these teams operate for months without being detected, but that they have already breached our networks and may have installed “sleeper” viruses that are simply waiting for commands to be executed on thousands of unsuspecting networks.

Within the span of seconds and with the simple click of a mouse our entire national infrastructure could be rendered useless.

About the AuthorMac Slavo

Join the conversation!

We have no tolerance for comments containing violence, racism, vulgarity, profanity, all caps, or discourteous behavior. Thank you for partnering with us to maintain a courteous and useful public environment where we can engage in reasonable discourse.